DDoS on RamNode NL ips


Content Contributer

RamNull is mitigating a bunch of attacks in the NL right now. NLSVZ2 had to be rebooted after CPU lock up.

The sequential DDoS attacks on our NL location are still ongoing.
Got one notification too:


RamNull, our automated DDoS mitigation system, has detected an attack against your IP 176.XX.XXX.XXX, assigned to "yourvps". Your IP will be nullrouted for XX minutes. If the attack continues after this time, your IP will be nullrouted again.

Please DO NOT reply to this automated email. You can open a support ticket in the Client Area if you have any questions.


So someone is DDoSing all RamNode NL ips one by one.

Shame on them to attack customers.


Provider of the year (2014)
Yeah it has been annoying to say the least, but we believe we have it under control now. RamNull has been a huge help in this type of situation since it minimizes the impact to specific IPs rather than us having to nullroute large blocks at a time.
Last edited by a moderator:


New Member
There is special place in hell for people who do these attacks.
I can imagine an overweight fourty year old not caring about his personal hygeine and stuffing his face with Doritos while smiling at the fact he managed to find out how to execute a DNS amplification attack against an IP range in sequential order.

Special place in hell indeed.


Just a little bit crazy...
Verified Provider
Unfortunately sequential attacks are getting more and more common, until a few months ago we were aware of two such incidents. Now I've seen three this month.

Unfortunately for providers like Ramnode there is little that can be done with these attacks other than nullrouting the affected IP. Hopefully the attacker gets bored and / or gives up.
Last edited by a moderator:


New Member
Every provider should kill all accounts that run open relay DNS servers. This ddos game will only end if it is not so dirty cheap to do a ddos.